package com.lbx.config;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

/**
 * @author 吕兵星
 * @date 2020/10/30 21:16
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    /**
     * 授权
     * */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/1/**").hasRole("vip1")
                .antMatchers("/2/**").hasRole("vip2")
                .antMatchers("/3/**").hasRole("vip3");
        http.formLogin();
        http.logout();
    }

    /**
     * 认证
     * */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
                .withUser("admin").password(new BCryptPasswordEncoder().encode("123")).roles("vip3","vip2","vip1").and()
                .withUser("lbx").password(new BCryptPasswordEncoder().encode("123")).roles("vip3","vip2").and()
                .withUser("lsy").password(new BCryptPasswordEncoder().encode("123")).roles("vip3");
    }
}
